Hi Simon, Excerpts from Michael Stapelberg's message of 2011-09-02 17:15:23 +0200: > > > Simon, what do you think? Is running dnsmasq as user dnsmasq by > > > default a > > > sensible decision? > > > > Yes, it is. > Alright, I will change the service file to do that. So, I reflected about this, and we cannot use User=dnsmasq in the service file because dnsmasq needs to bind to port 53 as root.
But aside from that, I wonder why we (as in: Debian) need to use the dnsmasq user while the default is the 'nobody' user, which we also have in Debian. The only difference I can spot so far is that the dnsmasq user has /var/lib/misc as homedir and dnsmasq stores a file called dnsmasq.leases there. I’m not sure what the intentions are, but my first question is: why is that file not in /var/run (and therefore on tmpfs)? > > > • LANG gets set if it is defined in /etc/default/locale. I’m not sure > > > what the > > > effects of that are (I don’t set LANG on my system, I prefer the LC_* > > > settings). Does it somehow affect the behaviour of dnsmasq when > > > resolving? > > > If so, how? > > > > It affects the charset used when reading internationalised domain names > > from configuration files and the translation used for messages. It's needed. > OK. I think this could be done with EnvironmentFile=-/etc/default/locale. I > will test it and add it (including a comment on why it is necessary). I am still not quite sure about why we need it and what the effects really are. Of course, log messages appear in a different language after setting LANG. But what exactly is the behaviour when resolving? Why does the LANG setting of my *server* define which answers my clients get? The problem I see with using LANG is that /etc/default/locale is Debian-specific and we want to have the same systemd service file for all distributions (ideally). > > 1) set the domain to the system value An important setting, but should be done via /etc/dnsmasq.conf when using systemd. > > 2) use a different configuration file. I don’t really see a good reason for that right now, but people who want to do that should just copy /lib/systemd/system/dnsmasq.service to /etc/systemd/system/dnsmasq.service and change it appropriately. > > 3) set a couple of options which are needed by the Debian installation, > > without requiring the user to have them in the configuration file. > > These are the dnsmasq user, and the CONFIG_DIR value. So, this is a Debian-specific option which we really need :-/. I guess we have no other option than shipping two files with dnsmasq or keeping a Debian-specific one in the Debian packaging (the latter sounds better). Best regards, Michael -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
